EN 
NL 
DE IBP standards framework
DigiTrust is happy to help your organisation achieve your IBP standards framework compliance and certification.
DigiTrust is the expert in information security in the Netherlands.
Assessing your information security management system is our core business. We have our own team of auditors, who look closely at the context of your organisation.
- Your audit starts when it suits your organisation.
- Personal guidance throughout the certification process.
- Sharp prices for IBP standards framework certification.
More than 600 organisations have already gone before you.
What is the IBP standards framework?
The IBP (Information Security and Privacy) standards framework is a guideline for primary, secondary and special education. The standards framework describes which rules, principles and standards schools must comply with for a digitally safe school environment. The standards framework was developed by Kennisnet in collaboration with the PO-Raad (Primary Education) and VO-raad (Secondary Education) and the SIVON (Samen Inkopen Voor Onderwijs Nederland ).
The standards framework helps educational organisations manage information security risks, raise awareness and comply with laws and regulations, such as the AVG.
Who is the IORP standards framework intended for?
The IBP standards framework is intended for boards and institutions in primary and secondary education. Both small and large educational organisations can use this framework to demonstrate their responsible handling of personal data and digital security. If you are a special education school and you also use a healthcare information system, you must additionally also comply with the NEN7510 standard.
Why should you comply with the IBP standards framework?
It is important that your school is sufficiently resilient to cyber threats, to protect the Availability, Integrity and Confidentiality of all information. The Minister of Education Has following incidents at higher education institutions recent decided that under the upcoming Cyber Security Act (CBW) will start to fall. Additional requirements will also start to apply to MBO. It is therefore important for the whole education chain that information is well protected at cyber risks.
What do you need to do to comply with the IBP standards framework?
The standards framework contains 69 information security standards and 25 privacy standards. Each standard (topic) is in turn divided into themes, such as policy, risk management, access management, monitoring and incident handling. To comply with the standards framework, you must, among other things:
- Draft and update policies;
- Identify risks and take control measures;
- Implement appropriate technical and organisational security measures;
- Ensure awareness among employees;
- Periodically check whether measures are effective.
Tip: Even if you have outsourced all your ICT services to a supplier, this does not mean that you yourself comply with the IORP standards framework. As a school, you are and remain responsible for meeting all requirements, including the technical ones.
How do you demonstrate compliance with the standards framework?
Demonstrating your compliance with the IORP standards framework requires an independent audit. DigiTrust offers you a total process. We start with an intake meeting, during which we get a good understanding of your school's context. We then plan the audit together with you.
During the audit, we test your school against the IBP standards framework and provide a clear picture of your level of compliance. You can use this impartial report for the action plan.
Upon completion, you will receive an objective audit report that you can use to account to internal and external stakeholders, such as the inspection or your participation council.
- Read more about this certification:
- ISO 27001 certification
- ISO 27001 Standard
- ISO 27001 Checklist
- Download ISO 27001 PDF
- ISO 27001 Audit
- Information security
- Certification path
- Other certifications
Questions about IBP standards framework or curious about certification options?
Our specialists will be happy to tell you more about it. Call us at 088-224 56 00, please email us at [email protected] or use our online contact form. We will be happy to visit you for a no-obligation introduction.
More than 500 organisations have already gone before you.